Static task
static1
Behavioral task
behavioral1
Sample
787c78e5654a6671a8e7f499d5d45a6c04f33a1a0d4b2226752b70da52ea592b.exe
Resource
win7-20220414-en
General
Target: 787c78e5654a6671a8e7f499d5d45a6c04f33a1a0d4b2226752b70da52ea592b
Size: 736KB
MD5: 5c26254bbde4b83aa81994a0386daf2a
SHA1: 4d6a63deaaf17cc6753419dffb33f402714cf83d
SHA256: 787c78e5654a6671a8e7f499d5d45a6c04f33a1a0d4b2226752b70da52ea592b
SHA512: 865df8fc49ad434ebfa55620944f333a00401905b169b38b21c58ca15af67888f8616241ed37950bd1b217720f33a3fa1ceb9d6b6b0f2c5ed44bfed9223b07e7
SSDEEP: 12288:63M5h4oeHrmyXxI4PVHMA9F85MueMmlUt9/lYU++m/PzsDG6P1R0:N5h4iitH9aeMK0tYEmgR0
Malware Config
Signatures
Files
787c78e5654a6671a8e7f499d5d45a6c04f33a1a0d4b2226752b70da52ea592b.exe windows x86
93806168099600f3f552afb535f0eccf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
LookupPrivilegeValueA
GetTokenInformation
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
AdjustTokenPrivileges
SetServiceStatus
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
user32
GetSystemMetrics
LoadCursorA
GetWindowTextA
IsDialogMessageA
LoadBitmapA
CheckDlgButton
SetWindowTextA
GetIconInfo
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CheckMenuItem
EnableMenuItem
ModifyMenuA
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
SetWindowPos
SetWindowLongA
CallNextHookEx
CallWindowProcA
DefWindowProcA
DispatchMessageA
GetDlgCtrlID
PtInRect
CopyRect
UnhookWindowsHookEx
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
ValidateRect
GetKeyState
PeekMessageA
GetMenu
PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ClientToScreen
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
gdi32
GetStockObject
GetDeviceCaps
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SetAbortProc
AbortDoc
SetRectRgn
CombineRgn
EndDoc
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
comctl32
ImageList_Add
ord17
_TrackMouseEvent
ImageList_DragShowNolock
comdlg32
FindTextA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ole32
CoSuspendClassObjects
CoUninitialize
CoInitialize
StgCreateDocfile
oleaut32
VariantChangeType
VariantInit
VariantClear
wininet
HttpSendRequestA
InternetWriteFile
InternetSetFilePointer
HttpQueryInfoA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetOpenA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
shlwapi
PathIsUNCA
StrDupA
StrCmpNA
PathFindExtensionA
winmm
waveOutClose
timeBeginPeriod
timeEndPeriod
waveOutOpen
uxtheme
GetThemeFont
CloseThemeData
avifil32
AVIFileOpenA
AVIFileGetStream
AVIFileReadData
AVIBuildFilterA
AVIFileInit
kernel32
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetACP
GetSystemTimeAsFileTime
GetTickCount
VirtualFree
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapSize
HeapReAlloc
VirtualAlloc
HeapFree
HeapAlloc
GetStartupInfoW
RtlUnwind
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalFlags
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
lstrcmpA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
CompareStringA
GetCurrentThreadId
CloseHandle
FormatMessageA
MultiByteToWideChar
lstrlenA
GetCurrentProcessId
WideCharToMultiByte
FindResourceA
LockResource
InterlockedDecrement
GetModuleFileNameW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
SetLastError
CreateFileA
GetWindowsDirectoryA
GetSystemTime
OpenProcess
GetVersionExA
GetModuleHandleA
GetDateFormatA
SizeofResource
LoadResource
MoveFileA
CreateThread
LocalFree
LocalAlloc
GetEnvironmentVariableA
Sleep
GetModuleFileNameA
GetSystemInfo
GetTempPathA
VirtualProtect
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
QueryPerformanceCounter
Sections
.text Size: 310KB - Virtual size: 310KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 211KB - Virtual size: 211KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ